grimoire

personal wiki
git clone git://git.pyratebeard.net/grimoire.git
Log | Files | Refs

gpg.md (4164B)


      1 # gpg
      2 
      3 ## encrypt file
      4 ```
      5 gpg -c <filename>
      6 ```
      7 
      8 ## decrypt file
      9 ```
     10 gpg <filename>.gpg
     11 ```
     12 
     13 ## clearsign message
     14 ```
     15 gpg --default-key <key_id> -o <output_file> --clearsign <input_file>
     16 ```
     17 
     18 ## search keys
     19 ```
     20 gpg --search <string>
     21 ```
     22 
     23 ## adding notations
     24 i have used this for setting [keyoxide][] proofs
     25 ```
     26  ──── ─ gpg --edit-key pyratebeard
     27 Secret key is available.
     28 
     29 sec  rsa4096/0xC7877C715113A16D
     30      created: 2016-08-18  expires: never       usage: SC  
     31      trust: ultimate      validity: ultimate
     32 ssb  rsa2048/0xA8CA96DB91B17F70
     33      created: 2016-08-18  expires: 2024-08-16  usage: E   
     34 ssb  rsa2048/0x20E945DD7FC543B7
     35      created: 2016-08-18  expires: 2024-08-16  usage: SA  
     36 [ultimate] (1). pyratebeard <root@pyratebeard.net>
     37 [ultimate] (2)  pyratebeard <pyratebeard@protonmail.com>
     38 
     39 gpg> uid 1
     40 
     41 sec  rsa4096/0xC7877C715113A16D
     42      created: 2016-08-18  expires: never       usage: SC  
     43      trust: ultimate      validity: ultimate
     44 ssb  rsa2048/0xA8CA96DB91B17F70
     45      created: 2016-08-18  expires: 2024-08-16  usage: E   
     46 ssb  rsa2048/0x20E945DD7FC543B7
     47      created: 2016-08-18  expires: 2024-08-16  usage: SA  
     48 [ultimate] (1)* pyratebeard <root@pyratebeard.net>
     49 [ultimate] (2)  pyratebeard <pyratebeard@protonmail.com>
     50 
     51 gpg> notation 
     52 Enter the notation: proof@ariadne.id=irc://irc.darkscience.net/pyratebeard
     53 Current notations for user ID "pyratebeard <root@pyratebeard.net>":
     54          proof@ariadne.id=https://harbour.cafe/@pyratebeard
     55          proof@ariadne.id=dns:pyratebeard.net?type=TXT
     56          proof@ariadne.id=irc://irc.libera.chat/pyratebeard
     57 Adding notation: proof@ariadne.id=irc://irc.darkscience.net/pyratebeard
     58 
     59 sec  rsa4096/0xC7877C715113A16D
     60      created: 2016-08-18  expires: never       usage: SC  
     61      trust: ultimate      validity: ultimate
     62 ssb  rsa2048/0xA8CA96DB91B17F70
     63      created: 2016-08-18  expires: 2024-08-16  usage: E   
     64 ssb  rsa2048/0x20E945DD7FC543B7
     65      created: 2016-08-18  expires: 2024-08-16  usage: SA  
     66 [ultimate] (1)* pyratebeard <root@pyratebeard.net>
     67 [ultimate] (2)  pyratebeard <pyratebeard@protonmail.com>
     68 
     69 gpg> save
     70 ```
     71 
     72 to upload the new key to a keyserver incant
     73 ```
     74 gpg --export root@pyratebeard.net | curl -T - https://keys.openpgp.org
     75 ```
     76 
     77 view the notations
     78 ```
     79 gpg --edit-key pyratebeard
     80 Secret key is available.
     81 
     82 sec  rsa4096/0xC7877C715113A16D
     83      created: 2016-08-18  expires: never       usage: SC  
     84      trust: ultimate      validity: ultimate
     85 ssb  rsa2048/0xA8CA96DB91B17F70
     86      created: 2016-08-18  expires: 2024-08-16  usage: E   
     87 ssb  rsa2048/0x20E945DD7FC543B7
     88      created: 2016-08-18  expires: 2024-08-16  usage: SA  
     89 [ultimate] (1). pyratebeard <root@pyratebeard.net>
     90 [ultimate] (2)  pyratebeard <pyratebeard@protonmail.com>
     91 
     92 gpg> uid 1
     93 
     94 sec  rsa4096/0xC7877C715113A16D
     95      created: 2016-08-18  expires: never       usage: SC  
     96      trust: ultimate      validity: ultimate
     97 ssb  rsa2048/0xA8CA96DB91B17F70
     98      created: 2016-08-18  expires: 2024-08-16  usage: E   
     99 ssb  rsa2048/0x20E945DD7FC543B7
    100      created: 2016-08-18  expires: 2024-08-16  usage: SA  
    101 [ultimate] (1)* pyratebeard <root@pyratebeard.net>
    102 [ultimate] (2)  pyratebeard <pyratebeard@protonmail.com>
    103 
    104 gpg> showpref 
    105 [ultimate] (1)* pyratebeard <root@pyratebeard.net>
    106      Cipher: AES256, AES, 3DES
    107      AEAD: 
    108      Digest: SHA512, SHA256, SHA1
    109      Compression: ZLIB, ZIP, Uncompressed
    110      Features: MDC, AEAD, Keyserver no-modify
    111      Notations: proof@ariadne.id=irc://irc.libera.chat/pyratebeard
    112                 proof@ariadne.id=dns:pyratebeard.net?type=TXT
    113                 proof@ariadne.id=https://harbour.cafe/@pyratebeard
    114                 proof@ariadne.id=irc://irc.darkscience.net/pyratebeard
    115 
    116 gpg> quit
    117 ```
    118 
    119 * getting "There is no assurance this key belongs to the named user" error
    120 * could be from copying keys to a new machine
    121 ```
    122 gpg --edit-key <key_id>
    123 gpg> trust
    124 # select trust level
    125 ```
    126 
    127 ## useful links
    128 - [gpg signing][] - traditional vs. pgp/mime
    129 - how to [verify software][]
    130 
    131 [gpg signing]: https://www.phildev.net/pgp/pgp_clear_vs_mime.html
    132 [verify software]: https://www.phildev.net/pgp/pgp_clear_vs_mime.html
    133 [keyoxide]: https://keyoxide.org/7A8E129DBE679DABAEB337C5C7877C715113A16D